From f9ff878940fae57246d447f84a483b302e7633dd Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 30 Dec 2020 09:29:20 -0800 Subject: [PATCH] Update windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../microsoft-defender-atp/indicator-ip-domain.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md index 8578ea6865..b32d4960f4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md +++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md @@ -51,8 +51,8 @@ It's important to understand the following prerequisites prior to creating indic > Only external IPs can be added to the indicator list. Indicators cannot be created for internal IPs. > For web protection scenarios, we recommend using the built-in capabilities in Microsoft Edge. Microsoft Edge leverages [Network Protection](network-protection.md) to inspect network traffic and allows blocks for TCP, HTTP, and HTTPS (TLS). For all other processes, web protection scenarios leverage Network Protection for inspection and enforcement:
> NOTE: ->- IP is supported for all three protocols ->- Only single IP addresses are supported (no CIDR blocks or IP ranges) +> - IP is supported for all three protocols +> - Only single IP addresses are supported (no CIDR blocks or IP ranges) >- Encrypted URLs (full path) can only be blocked on first party browsers (Internet Explorer, Edge) >- Encrypted URLS (FQDN only) can be blocked outside of first party browsers (Internet Explorer, Edge) >- Full URL path blocks can be applied on the domain level and all unencrypted URLs